Cisco :: Unable To Discover Nexus 5548 With DCNM 5.2(2e)
Dec 20, 2012
I am unable to discover 2 Nexus 5548 with the SAN client of DCNM 5.2(2e)
These Nexus are used like LAN and SAN switch. Each Nexus is a SAN fabric. I would want to use DCNM in order to configurate the zone/zoneset via GUI. These Nexus 5548 run 5.1(3)N2(1b) release.
The Nexus ARE NOT managed via the Mgmt interface (OOB) but they are managed via an interface vlan (InB)
I could not configure rightly
- the snmp-server user (SNMP user V1/v2 or V3 + group ? ) CLI on Nx
- to configure the discovery in order that DCNM discover each fabric either from web GU interface or java SAN client
I am trying to get our DCNM to discover the 5548. When I put my credentials for that appliance. I get this error .Failed Device x.x.x.x OS Version 5.1(3)N1(1) is not supported . The DCNM version we have is 5.2(1)S74.
The Nexus 5548 is running 5.1.3.N2.1a and has the L3 daughter card (N55-D160L3)I have the EIGRP feature enabled. By the way, when doing a 'sh feature' four EIGRP features show up like this: [code] To create the L3 SVI, I go into config mode and attempt to type 'interface vlan 10'. but this doesn't work. These are the only options under the keyword 'interface':
- ethernet - loopback - mgmt - port-channel
I must be missing something simple but can't seem to see what that is. What do I need to do in order to create an L3 SVI on this 5548?
if i have just DCNM-N7K-K9 (DCNM for LAN Enterprise License for one Nexus 7000 Chassis) installed on a server, i can manage all nexus switches like 5k and 2k??
We've gotten two Nexus 7009's in and I'm starting to configure them when I found I couldn't add VDCs. I found there was no license installed but the only licenses I found that came with them are "Cisco DCNM for LAN Enterprise Lic for one Nexus 7000 Chassis". So my question is this - do I need to configure a DCNM server to get the license pushed to these two 7009s or should there be another PAK for each chassis that I can register and get my enterprise services?
I know that with the Nexus switches that we must use the management port and the management vrf for services such as NTP, SNMP etc. I have this configured on my 5548 and it still will not sync with NTP. [code]
I have problem with syncing Nexus and NTP server. MGMT IP adress of Nexus is 10.24.130.137 and address of NTP server is 10.242.32.12, there is full routing and NTP readability between Nexus and NTP but Nexus is UN synced:
N5k-04-A# sh ntp peer-status Total peers : 1 * - selected for sync, + - peer mode(active), - - peer mode(passive), = - polled in client mode remote local st poll reach delay ------------------------------------------------------------------------ =10.242.32.12 10.24.130.137 2 16 377 0.00310
Config of NTP is:
N5k-04-A# sh run ntp !Command: show running-config ntp!Time: Wed Apr 10 14:41:35 2013 version 6.0(2)N1(2)ntp server 10.242.32.12 use- vrf management ntp source-interface mgmt0ntp logging.
I captured traffic with wire shark and see something strange in NTP Packet: "Reference ID: Un identified reference source '...'"
I have one Catalyst 2960 on same sub net and it's synchronized with same NTP without any problems. Here is snapshot of wire shark capture:
P.S. Don't bother about malformed packet, it's probably because of using ERSPAN.
I am having an issue with authorization on the Nexus 5548. Note: The tacacs configuration has and still works correctly with all non-Nexus gear.
Authentication succeeds, and initiatial authorization passes. However, all sh and config commands fail, though AAA Autho Config-Commands .... and Commands Default Group <Grp Name), are configured.
ACS generates the following error: 13025 Command failed to match a Permit rule. The Selected Command Set is DenyAllCommands. I created an AllowAll, but am unclear how to associate this with Access Policy.
I have Nexus 5548UP, Version version 5.0(3)N2(2b), with a flat configured network. Customer has put several IP subnets on one Vlan. In one subnet is an Siemens SPS wich connects to a Server. This SPS is not reachable since I send a ping from the N5k, then everything works fine. Sniffering that port no arp requests from the N5k are captured. That hapens with every device (Siemens SPS) in the network. Every other clients and server are working fine and there are no problems.
I have a Nexus 5548 Recently restart itself for no reason I ran the command:
sh system reset-reason ----- reset reason for Supervisor-module 1 (from Supervisor in slot 1) --- 1) At 469203 usecs after Sat May 11 14:02:07 2013 Reason: Reset triggered due to HA policy of Reset Service: eth_port_sec hap reset Version: 5.1(3)N1(1a)
sh processes log details
Start type: SRV_OPTION_RESTART_STATELESS (23) Death reason: SYSMGR_DEATH_REASON_FAILURE_SIGNAL (2) Last heartbeat 6.09 secs ago RLIMIT_AS: 189894144 System image name: n5000-uk9.5.1.3.N1.1a.bin
I've been searching in Google/Cisco about the eth_port_sec hap reset and cannot find any reason, just something about the same error but in different technology:
[URL]
CSCub36000 #SNMP polling on eth_port_security objects no longer causes an eth_port_sec hap reset.I just to want to be sure, is the same reason...Or do you know something than can cause it on a Nexus Switch?
We have just purchased and installed the L3 daughter card for our 5548UPs and have also installed the L3 Enterprise Services pkg. The problem is, I cannot enable the EIGRP feature even though we have the Ent Svc lic. After doing a little more research, I see that the Lan Base lic is required to enable the L3 card and many of the L3 features (the card is currently in an "offline" state).
From what I have read on this board, the Lan Base lic is a free license that should be included with the L3 daughter card -- however, Cisco licensing will not issue me that license without a sales order (even though a Nexus engineer said it was included, the licensing group will not issue with an official sales order). Well, our vendor ordered the card and the Ent Svcs lic but for some reason we were never sent a PAK for the LAN Base lic.
using the 55xx as a L3 Distribution switch or even as a Core. By enabling the L3 features does it allow you enabled L3 SVI's for VLAN interfaces or are there interfaces on the daughter card that are used for routing instead?
I want to configure management for some Nexus 5548's?I wanted to manage the switches via an SVI. I have read the following document which gives details about the Management SVI but doesn't answer all questions.[URL]I am not running any layer 3 functionality on the switch, no layer3 license (which it mentions in the above link) Will I still be able to create a management SVI. I know I will need to enable the feature 'interface-vlan' to setup a Management SVI, does that require a license?
I encountered problem while trying to copy file from Nexus 5548 to my ftp server (proteus - 192.168.12.220 - the Nexus switch is able to resolve name proteus correctly to 192.168.12.220). See below the working and not working scenarios. I have serached through Cisco Bug Database but unable to find any related bug associated to this problem. This Nexus is running the following NX-OS version.
n5000-uk9-kickstart.5.1.3.N1.1a.bin n5000-uk9.5.1.3.N1.1a.bin Working (without specifying the username and full path)
We have two 5548 switches connected to a pair of 6509 running in VSS mode. I am trying to understand the benefit of having bridge assurance on the uplink ports.
If we have the command spanning-tree port type network enabled we cannot do a non disruptive upgrade. If there is bridge assurance on the uplink it warns you of this. Yet if I do not run bridge assurance on the uplinks I can do a upgrade without any disruption.
Why in god would I enable bridge assurance on this VPC link if I cannot do a non disruptive upgrade?
I am having some issue with SPT with the following topology.Pair of Nexus 5548 and 3750 are configured with MST instance 1.when enable STP as MST on Dell switches , it does not recognise it and create loop but if We change MST0 (only tried on one 3750 and two Dell switches in triangle in lab). its work fine.Does Dell switches only understand MST0 ?Can Nexus 5548 support MST0 if we change from MST1 and what will be effect?
I need to upgrade the code on our two Nexus 5548's in order to facilitate the installation of a few FEX's, but due to the fact that seemingly all of my port-channels are in the STP DESG forwarding state, an ISSU upgrade is not possible. Everything connected directly to our 5548's are utilizing VPC's, including an HP Blade chassis, and several Netapp devices. If I follow the normal upgrade route, should I experience an outage, or should the secondary switch just continue passing traffic?
I'm trying to setup SNMPv3 on a Nexus 5548. We are using SNMPv3 on 3750's without any issue, but haveing issues getting it setup on the Nexus.I have been using the following link for the setup following it line by line. [URL]The part that I'm having issues with is when I try to enforce SNMP message encryption on a per user basis. When I issue snmp-server user (username) enforcePriv, I get warning: unable to update CLI users database. reason: role does not exist grounp not found.
I am using cisco Nexus5548 and trying to enter a snmp community, but it doesn't accept it. I enter a community name that is less than 32 characters, with symbols, numbers and letters.
I am setting up a new environment with 2 5548's and some 2248TP-1GE Fex's and Im running into an issue. I have the peer link and peer-keepalive link that appear to be good. When I configure the fex and vpc for the fex manually on each switch without pre-provisioning the slot the fex comes online and everything appears to be good. I can see all the ineterfaces when doing a sh int br and the sh fex detail shows all good. When I do the exact same thing but pre-provision the slot the fex stays in an offline state. Ive tried disabling the port(s) connected to the fex while configuring everything then enabling them but same thing. [code]
regarding PVLANs and the Nexus, my understanding is that we cannot configure Private VLANs on a FEX trunk port with a NX-OS release older than 5.1(3)N2(1) for the Nexus5548... Is there any known workaround for this limitation (appart from performing a SW upgrade)?
I am working for an Air Force client and am adding a handful of 5548s into their network. My question is how Tacacs+ is configured. My hands are tied in regards to testing in an operational environment so I want to ensure the configs are correct prior to deployment/maintenance window and avoid any remote issues.
I have read the "Cisco Press - TACACS+" config guide and it was somewhat vague in regards to operational deployment.
When I try to set the following command string, aaa authentication login default group tacacs+ local, the NX-OS asks me the input a "server group name". There are no server groups configured. Do I need them? Can I get by without configuring a group name because the client probably will not.
The Cisco IOS devices are configured with normal aaa authentication/authorization parameters. Also, do the VTY ports default to sshv2 and the correct tacacs+ parameters with the "transport input ssh" command (not available)?
I am trying to install SFP-GE-T module on Nexus 5548UP Switch, but is giving the ‘SFP validation Failed’ error. The details of the switch is given below
Model : N5K-C5548UP-FA
The interface is configured with speed 1000 before inserting the module, still we are getting the same error. PFA logs for more details We have 8 Nos of SFP-GE-T modules , all are giving same error. We tried to insert the module on onboard as well as expansion module.
The same module is working fine on Cisco 3750X-24T-L Switch As per the Hardware installation guide , SFP-GE-T transciever is supported on N5K platform. Please extend your support in configuring SFP-GE-T module on N5K platform? We tried with SFP-GE-S module on the same switch , and the same is found working fine.
I am trying to interconnect a pair of Nexus 5548 at adjacent sites, using 2 2960-S switches at each site, the reason being that the Multimode Fiber between the sites will only support 100mb and I need this up while I finish having SMF laid.
I have attached a diagram, just debating whether to use etherchannel or vPC - would like to hear some opinions...
Assume the interconnect between the 5548's needs to be 802.1q trunk
just a simple question. Is it possible to use a nexus 5548 UP switch as a layer 3 router between different vlans on the switch without the layer 3 card ? Or is there no 5548 as a router with the layer 3 card ?
My Nexus is a 5548-UP model, NX-OS version : 5.1(3)N2(1b)
I try to debug an OSPF and an ICMP problem using the debug ip ospf command and the debug icmp command but not output appear on the terminal. As the switch is remote, I entered the terminal monitor command of course.
SG01NX01# terminal monitor SG01NX01# debug ip ospf 1 packets SG01NX01# show debug
We would like to add another Nexus5k to this topology. However, it has to be a zero downtime infrastructure add-on. When setting up the keep-alive, peer-link, vPC and vdc domain, will there be any upset in network traffic on the current N5k?Also, are the Nexus5k configurations synchronized or are they independent from one another? Before setting up the new 5k, should i configure it to teh 6509's, and vPC's to the Nexus2k's before setting up peer-link?
We inserted GLC-T modules and on Nexus 5548 they are showing SFP validation Failed , as per Cisco doc GLC-T is support . Since we have 28 such modules and all after inserting showing same error. please see the below details. I also try configuring speed and inserting modules but no result ..let me know whether my GLC-T module is supported on Nexus 5548
INMUMFDS1SWCORE01# show module Mod Ports Module-Type Model Status --- ----- -------------------------------- ---------------------- ------------ 1 32 O2 32X10GE/Modular Supervisor N5K-C5548P-SUP active * 2 16 O2 16X10GE Ethernet Module N55-M16P ok 3 0 O2 Daughter Card with L3 ASIC N55-D160L3 ok
We are planning to have attach topology with nexus 5548 using vpc. Let me know if this i possible. I want to configure dual NIC linux server using LACP active mode to connect to two 5548 in VPC for redudancy as well as use of full access layer bandwidth. On nexus this will be access port in single port channel in single VPC link.
I've just plugged in 4 Nexus5548 switches and ran through the initial setup without any issues. However, the fans seem to be stuck on full speed. At the moment they're the loudest thing in the server room.
I know this isn't the most recent OS however I was hoping to avoid updating if necessary as I don’t have the service agreement linked to my account and can’t download the update without it. Is there anything else I can try first or anything I have missed?
Software BIOS: version 3.5.0 loader: version N/A kickstart: version 5.1(3)N1(1a) system: version 5.1(3)N1(1a) power-seq: Module 1: version v1.0 Module 3: version v2.0 uC: version v1.2.0.1 SFP uC: Module 1: v1.0.0.0 BIOS compile time:
